IBM Guardium

  • 1.  LDAP Authentication failed - 12.1

    Posted 6 days ago

    Hi Team,

     Once we configured LDAP in 12.1 and imported the configuration details, we tested the connection and it worked fine. Then we imported one of the users and provided the required access. The respective AD user was then not able to authenticate; it showed "invalid username and password". We went back to the LDAP config and tested the connection again, but it did not work; instead it threw the error "Unable to connect. Verify the username and password." Then this user went into a locked state after we tested the connection on the LDAP configuration page multiple times.

    Required port is open

    Connection tested successfully before import

    Connection failed post import

    Kindly help me in this.



    ------------------------------
    Santhosh M
    ------------------------------


  • 2.  RE: LDAP Authentication failed - 12.1

    Posted 6 days ago
    Edited by Wendy Zemba 6 days ago

    @Santosh m Regarding the test connection failure when you went back to the LDAP User Import the second time. Did you re-enter the LDAP account password, re-save it, and re-test connection? If it still fails, can you confirm with your LDAP team that the LDAP service account didn't get locked out? Also, is it possible it was set up to require a password change on initial login? That would explain this behavior as well. Guardium can't respond to a password change request so you can't configure the Guardium LDAP service account to require a password change on first login.



    ------------------------------
    Wendy Zemba
    Sr. Consultant, Data Protection
    Converge Technology Solutions
    wendy.zemba@convergetp.com

    Need help with your Guardium deployment? Contact me directly to discuss engagement opportunities. Currently serving North America.
    ------------------------------



  • 3.  RE: LDAP Authentication failed - 12.1

    Posted 5 days ago

    Hi Wendy,

    Thanks for the response.

    About your queries:

    Regarding the test connection failure when you went back to the LDAP User Import the second time. Did you re-enter the LDAP account password, re-save it, and re-test connection? If it still fails, can you confirm with your LDAP team that the LDAP service account didn't get locked out? - I re-entered the LDAP account password and re-saved it, but the issue still persists. Also, the service account got locked out again.

    Also, is it possible it was set up to require a password change on initial login? That would explain this behavior as well. Guardium can't respond to a password change request so you can't configure the Guardium LDAP service account to require a password change on first login. - Can you let me know about this clearly? And I just wanted to add one thing: the service account configured for LDAP is the same account in DC & DR. The problematic one is DR; if we do a failed test connection there, this will affect authentication in DC. DC is running fine as of now; AD users can log in to the GUI there.



    ------------------------------
    Santhosh M
    ------------------------------



  • 4.  RE: LDAP Authentication failed - 12.1

    Posted 5 days ago

    Can you clarify? I think you're saying you have two Guardium environments (DC & DR). Both are configured using the exact same LDAP settings, DC works fine, but DR will lock the LDAP service account after one successful test connection?

    Have you run an Authentication must-gather to see if Guardium captures any errors that would provide helpful information?



    ------------------------------
    Wendy Zemba
    Sr. Consultant, Data Protection
    Converge Technology Solutions
    wendy.zemba@convergetp.com

    ------------------------------



  • 5.  RE: LDAP Authentication failed - 12.1

    Posted 5 days ago

    Hi Wendy,

    I removed all configuration and started from scratch. Now the test connection is working.

    Please let me know about the below:

    1. Should we need to manually create the LDAP user in the User Browser page, without importing, before authentication? I manually added a user with a bogus password and tried to authenticate using my AD ID, but it showed "invalid username and password", and if we try it 3 times then the AD ID created manually gets disabled. Then I checked the test connection and it was failing, so I changed the password for the service account on the LDAP config page and re-saved it, and then the test connection succeeded.

    2. Is it possible it was set up to require a password change on initial login? That would explain this behavior as well. Guardium can't respond to a password change request so you can't configure the Guardium LDAP service account to require a password change on first login. - Can you let me know about this clearly?

    3. Can you clarify, I think you're saying you have two Guardium environments (DC & DR). Both are configured using the exact same LDAP settings, DC works fine, but DR will lock the LDAP service account after one successful test connection? - Same service account & config with different LDAP server IPs. DC is working fine.



    ------------------------------
    Santhosh M
    ------------------------------



  • 6.  RE: LDAP Authentication failed - 12.1

    Posted 22 hours ago
    Edited by Wendy Zemba 22 hours ago

    Hi Santosh,

    I'm glad you got this working.

    In response to your additional questions:

    1. No, once you configure LDAP, your locally created user accounts may no longer work (only the out of the box accounts will remain functional). Additionally, if you created local users with the same user name as the one imported from LDAP, Guardium doesn't respond well to that situation either. It's best to use the out of the box accounts until you get LDAP working, or delete the local user accounts before importing from LDAP (to reiterate, don't do anything to the out of the box accounts: admin, accessmgr, cli - other than change their passwords).
    2. If your LDAP account was set up like a standard user in LDAP instead of a service account, standard user accounts typically enforce a password change at first login. The behavior you described made it seem that may be the case (the Guardium system can't accept or respond to LDAP asking for a password change). However, it doesn't sound like that was the case here; it was simply a suggestion for troubleshooting purposes.
    3. I was trying to understand infrastructurally what you meant by it worked in DC but not DR (Guardium or LDAP). I think you were referring to LDAP, not Guardium, perhaps, but it's a moot point since you got it working now.



    ------------------------------
    Wendy Zemba
    Sr. Consultant, Data Protection
    Converge Technology Solutions
    wendy.zemba@convergetp.com

    ------------------------------
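The two things Wendy asks the poster to rule out in replies 2 and 6 (a locked-out service account, and an account flagged to change its password at first logon, which Guardium cannot complete during bind) are both reported by Active Directory in the bind failure itself: the bind comes back as LDAP resultCode 49 with a `data NNN` sub-code in the diagnostic message (`ldapsearch` prints it under "additional info:"). The following Python is an added example, not code from this thread or from IBM Guardium. It parses that diagnostic text into a cause and the action to take, and wraps the test-connection loop in a guard that stops one bind short of the lockout threshold, since the thread shows that repeatedly pressing "test connection" with a bad password is exactly what locked the account. It assumes the directory is AD (the poster refers to AD users); the account name `svc-guardium`, the lockout threshold of 5, and the sample diagnostic strings are constructed for the example, and the code does not perform a real bind, so feed it the result code and message returned by whatever LDAP client you use.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Active Directory answers a failed simple bind with LDAP resultCode 49
# (invalidCredentials) and puts the real reason in the diagnostic message as
# "AcceptSecurityContext error, data NNN". Documented sub-codes, with the action
# each calls for when the failing account is the Guardium LDAP service account.
AD_SUBCODES: Dict[str, Tuple[str, str]] = {
    "525": ("user not found", "check the bind DN configured in Guardium"),
    "52e": ("invalid credentials (bad password)",
            "re-enter and re-save the password; each bad bind counts toward lockout, so stop re-testing"),
    "530": ("logon not permitted at this time", "remove logon-hours restrictions"),
    "531": ("logon not permitted at this workstation", "remove workstation restrictions"),
    "532": ("password expired", "set a new password and update the Guardium LDAP config"),
    "533": ("account disabled", "have the AD team enable the account"),
    "701": ("account expired", "have the AD team extend the account"),
    "773": ("user must reset password at next logon",
            "clear that flag on the service account; Guardium cannot complete a password change during bind"),
    "775": ("account locked out", "have the AD team unlock it and do not test again until they confirm"),
}

_DATA_RE = re.compile(r"\bdata\s+([0-9a-fA-F]{3})\b")


@dataclass(frozen=True)
class BindDiagnosis:
    result_code: int          # LDAP resultCode from the bind response
    subcode: Optional[str]    # AD "data NNN" value, None if not present
    cause: str
    action: str


def diagnose_bind(result_code: int, diagnostic_message: str) -> BindDiagnosis:
    """Map a bind result (resultCode plus server diagnostic text) to cause and action."""
    if result_code == 0:
        return BindDiagnosis(0, None, "bind succeeded", "none")
    if result_code != 49:
        return BindDiagnosis(result_code, None, f"LDAP resultCode {result_code}, not a credential problem",
                             "check the resultCode and server reachability first")
    match = _DATA_RE.search(diagnostic_message or "")
    if match is None:
        # Non-AD servers (or AD without extended diagnostics) return a bare 49.
        return BindDiagnosis(49, None, "invalid credentials, no AD sub-code",
                             "verify DN and password; ask the directory team whether the account is locked")
    sub = match.group(1).lower()
    cause, action = AD_SUBCODES.get(sub, (f"unrecognised AD sub-code {sub}", "look it up with the AD team"))
    return BindDiagnosis(49, sub, cause, action)


class LockoutGuard:
    """Count bad-password binds per account and refuse the attempt that would reach
    the lockout threshold. A 775 (already locked) exhausts the budget at once; a
    successful bind resets it. Assumes the directory counts only 52e failures."""

    def __init__(self, lockout_threshold: int) -> None:
        self.threshold = lockout_threshold
        self.failures: Dict[str, int] = {}

    def may_attempt(self, account: str) -> bool:
        return self.failures.get(account, 0) < self.threshold - 1  # stay one short

    def record(self, account: str, diag: BindDiagnosis) -> None:
        if diag.result_code == 0:
            self.failures[account] = 0
        elif diag.subcode == "52e":
            self.failures[account] = self.failures.get(account, 0) + 1
        elif diag.subcode == "775":
            self.failures[account] = self.threshold


# Constructed sample bind results in AD's documented diagnostic format; not
# captured from the systems discussed in the thread. Account name and threshold
# are assumptions for the example.
SERVICE_ACCOUNT = "svc-guardium"
LOCKOUT_THRESHOLD = 5
SAMPLES: List[Tuple[int, str]] = [
    (49, "80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v4563"),
    (49, "80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 773, v4563"),
    (49, "80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 775, v4563"),
    (49, "80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v4563"),
]


def run_triage(samples: List[Tuple[int, str]] = SAMPLES,
               threshold: int = LOCKOUT_THRESHOLD) -> List[str]:
    """Walk the sample results through the guard and return one line per attempt."""
    guard = LockoutGuard(threshold)
    lines: List[str] = []
    for code, message in samples:
        if not guard.may_attempt(SERVICE_ACCOUNT):
            lines.append("skipped: another bind would reach the lockout threshold")
            continue
        diag = diagnose_bind(code, message)
        guard.record(SERVICE_ACCOUNT, diag)
        lines.append(f"{diag.subcode or diag.result_code}: {diag.cause} -> {diag.action}")
    return lines
```

In the sample run the third result (775) exhausts the guard, so the fourth bind is never issued. That is the behaviour to want from any test-connection tooling: a 773 or 775 tells you to go to the AD team, not to press the button again, and the only message worth re-testing after is a 52e, and then once, after re-entering the password.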